On January 1, 2020, a new smart device data privacy law will take effect in California and will require manufacturers of internet-enabled devices to include “reasonable security” features to protect all data stored or transmitted from “unauthorized access, destruction, use, modification or disclosure.” Passage of the law follows several months after California enacted the California Consumer Protection Act of 2018, which contains strict protections for consumer personal information.